PingAuthorize

Policy database backups

The PingAuthorize Policy Editor uses a policy database to store its Trust Framework, policies, commit history, and other data needed for proper operation.

By default, the Policy Editor backs up the policy database to a compressed file once a day by making an HTTP request to an admin connector. You can configure the admin port, backup schedule, and output location.

If you are using a managed RDBMS, such as PostgreSQL, instead of the default H2 database, make sure you implement backup strategies in line with your organization’s best practices.

Configure or disable backup

To change the backup configuration, you can:

  • Set the relevant environment variables and restart the Policy Editor.

  • Run the Policy Editor setup tool with the relevant command-line options.

The following table describes the relevant environment variables and command-line options.

For more information about using the environment variables, see Starting PingAuthorize Policy Editor.

Environment variable Command-line option Description

PING_ADMIN_PORT

--adminPort <port>

Specifies the admin port, where administrative task endpoints like periodic policy database backups are handled.

PING_BACKUP_SCHEDULE

--backupSchedule <cron-expression>

Specifies a cron expression to indicate when to perform backups.

The default is 0 0 0 * * ?, which is midnight every day.

For more information, see Quartz 2.3.0 cron format.

The PAP evaluates the expression against the system timezone. For the PingAuthorize Docker images, the default timezone is UTC.

PING_H2_BACKUP_DIR

N / A

Specifies the directory in which to place the policy H2 database backup files.

The default is SERVER_ROOT/policy-backup.

If you are using a Docker image, set this value to a directory on a volume that you mount when you start the Docker container.

N/A

--disablePeriodicBackups

Turns off the periodic policy database backups.

For information about how to use a backup, see Restoring a policy database from a backup.